On 5/26/08, Simon Josefsson [EMAIL PROTECTED] wrote:
For example, reading a lot of data from linux's /dev/urandom will
deplete the entropy pool in the kernel, which effectively makes reads
from /dev/random stall. The two devices uses the same entropy pool.
That's a bug in the way the
On Sun, May 18, 2008 at 4:55 PM, Hal Finney [EMAIL PROTECTED] wrote:
A simple trick can be used to help immunize DSA signatures against
these kinds of failures. I first learned of this idea many years ago
from Phil Zimmermann, and a varient has been used for a long time in
PGP and probably
Taral [EMAIL PROTECTED] writes:
On 5/26/08, Simon Josefsson [EMAIL PROTECTED] wrote:
For example, reading a lot of data from linux's /dev/urandom will
deplete the entropy pool in the kernel, which effectively makes reads
from /dev/random stall. The two devices uses the same entropy pool.
Anne Lynn Wheeler wrote:
*Irish Bank Debit Card Skimmers Net €1m*
http://www.epaynews.com/index.cgi?survey=ref=browsef=viewid=121179135013743148197block=
from above:
Most of the withdrawals took place at the end of April and early May
2008. Many of the victims contacted their banks to
I noted the following going back on Cryptome today:
A History of the Cryptographic Branch of the People's Army of
Vietnam, 1945-1975, with a supplement on Cryptography in the Border
Guard (formerly the Armed Public Security Forces) 1959-1989
Translated and Edited by David W. Gaddy,
Center for
Allen wrote:
I don't know what the policy is in Ireland, but here in the USA there
is no stop loss on debit cards so the banks are not obligated to make
good on fraudulent withdrawals. I believe that most have out of fear
of bad PR, but you have to fight for it if it is just a few that it
Allen writes:
-+---
| I don't know what the policy is in Ireland, but here in the USA
| there is no stop loss on debit cards so the banks are not
| obligated to make good on fraudulent withdrawals. snip
There is also a legal distinction between a personal
credit card and a corporate
Excerpt:
In a major change of stance, Canada-based Research In Motion (RIM)
may allow the Indian government to intercept non-corporate emails
sent over BlackBerrys.
http://economictimes.indiatimes.com/Telecom/Govt_may_get_keys_to_your_BlackBerry_mailbox_soon/articleshow/3041313.cms
.
http://news.yahoo.com/s/afp/20080527/tc_afp/indiacanadacompanyrimblackberrytelecomsecurity
Apparently even the security experts are suspect to sensationalism
without appropriate research. I would have expected better.
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Perry E. Metzger wrote on 27 May 2008 16:14:
Excerpt:
In a major change of stance, Canada-based Research In Motion (RIM)
may allow the Indian government to intercept non-corporate emails
sent over BlackBerrys.
* Dave Korn:
In a major change of stance, Canada-based Research In Motion (RIM)
may allow the Indian government to intercept non-corporate emails
sent over BlackBerrys.
Research In Motion (RIM), the Canadian
Isn't this just a semantic game on the part of RIM and the government?
The phrase enterprise customers would seem to isolate a class of
customers such that individual customers not using a corporate version
of the product would see their crypto weakened... and be subject to
monitoring
On Mon, May 26, 2008 at 11:22:18AM +0200, Simon Josefsson wrote:
For example, reading a lot of data from linux's /dev/urandom will
deplete the entropy pool in the kernel, which effectively makes reads
from /dev/random stall. The two devices uses the same entropy pool.
I believe a much
Florian Weimer wrote on 27 May 2008 18:49:
* Dave Korn:
In a major change of stance, Canada-based Research In Motion (RIM)
may allow the Indian government to intercept non-corporate emails
sent over
On Tue, May 27, 2008 at 08:08:11PM +0100, Dave Korn wrote:
Well spotted. Yes, I guess that's what Jim Youll was asking. And I
should have said seemingly-contradictory. This is, of course, what I
meant by marketeering: when someone asks if your service is insecure and
interceptable, you
15 matches
Mail list logo